Asian countries collectively relayed more than half (50.1 per cent) of the world's spam last quarter.
Although the USA remains the single worst offender, lax security in Asian nations meant many of the botnet drones spewing junk mail were located in countries such as South Korea and India. Asian countries disgorged 50.1 per cent …

Egress Filtering?

Why do consumer broadband providers not do egress filtering, blocking TCP destination port 25? it's a very simple rule. No one but spammers need to run their own mail server out of a dynamically addressed ADSL pool. Legit users can relay through their ISP's mail servers, or use the SMTP submit port to send mail through other servers -- SMTP submit exists precisely for this purpose and presents no risk of non-relayed spam delivery.

Customers who need to run their own servers -- and to be clear this is at most like .0001% of a typical consumer ISP's customers -- can be placed on their own subnet, given static IPs, and not be made subject to egress filtering.

These policies and practices are almost trivial to assemble and would virtually end botnet spam originating from networks on which they're implemented. The ISP's mail servers could still relay spam from infected machines, but these mail servers also represent choke points where spam can be much more effectively filtered. ISP customers could be given the option to opt-in to ISP email accounts, and since lots of folks these days use webmail it's likely that many people wouldn't want or need ISP specific accounts. That would allow ISP mail servers to further restrict the volume of outgoing spam.

So I ask again, why is this not being done? Are PT Telkom Indonesia, PTCL Pakistan, Turk Telekom, Bharti Airtel India, and Vietnam Post and Telecom Corporation (and so many others) too incompetent? Too strapped for cash? Too indifferent? What is it?

Some folks don't care

I told a chap that his ip address appeared on the cbl blocklist, even though the router got a different ip address each time it rebooted. He just didn't care. It's good business for the spammers. I don't know whether port 25 is used, and could just be blocked, but many PC owners aren't going to do anything about it.

It's hardly news that Asia is where most spam comes from. Back when I last analysed my spam three or four years ago, *75%* of it did. What's news here, despite the misleading headline, is that spam sources are spreading out more evenly across the world.